Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

86685 matches found

EUVD
EUVDadded 2026/06/01 3:45 p.m.8 views

EUVD-2026-33695

A flaw has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The affected element is an unknown function of the file admin/ of the component Admin Endpoint. This manipulation of the argument uid causes execution after redirect. It is possible to initiate...

7.5CVSS6.3AI score0.00299EPSS
Exploits0References5
CVE
CVEadded 2026/06/01 3:45 p.m.10 views

CVE-2026-10271

Technical details are not publicly provided in the supplied documents. Monitor for updates from the vendor and CVE feeds.

7.5CVSS6.3AI score0.00299EPSS
Exploits0References5
NVD
NVDadded 2026/06/01 3:16 p.m.8 views

CVE-2026-10265

A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edittopic.php. Such manipulation of the argument topicid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

6.5CVSS0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/01 2:30 p.m.7 views

CVE-2026-10265

A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edittopic.php. Such manipulation of the argument topicid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/01 2:30 p.m.8 views

CVE-2026-10265 itsourcecode Content Management System edit_topic.php sql injection

A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edittopic.php. Such manipulation of the argument topicid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/01 2:30 p.m.10 views

EUVD-2026-33647

A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edittopic.php. Such manipulation of the argument topicid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/01 2:0 p.m.9 views

EUVD-2026-33645

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/06/01 1:58 p.m.20 views

@agenticmail/mcp Missing Authentication for Critical Function

AgenticMail MCP HTTP authorization bypass Summary @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can initialize a session and call tools directly. T...

8.7CVSS5.9AI score0.00359EPSS
Exploits0References8Affected Software1
OSV
OSVadded 2026/06/01 1:58 p.m.6 views

GHSA-63GR-G7JC-V8RG @agenticmail/mcp Missing Authentication for Critical Function

AgenticMail MCP HTTP authorization bypass Summary @agenticmail/mcp exposes a Streamable HTTP transport when started with --http or MCPHTTP=1. In that mode, the /mcp endpoint accepts requests without any HTTP authentication layer. A remote client can initialize a session and call tools directly. T...

8.7CVSS5.9AI score0.00359EPSS
Exploits0References8
Ivanti
Ivantiadded 2026/06/01 1:56 p.m.10 views

Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614)

Ivanti has released updates for Ivanti Neurons for ITSM which addresses one high severity vulnerability. Successful exploitation could lead to authenticated privilege escalation to an administrator. We are not aware of any customers being exploited by this vulnerability at the time of disclosure...

8.8CVSS5.8AI score0.00668EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/06/01 1:19 p.m.8 views

CVE-2026-10533 Openshift: openshift: non-admin user can bypass resourcequota and flood etcd with events causing cluster-wide api degradation

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS5.8AI score0.0023EPSS
Exploits0References2
NVD
NVDadded 2026/06/01 1:16 p.m.11 views

CVE-2026-10257

A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/updatessimg.php. The manipulation of the argument topicid results in sql injection. The attack can be executed remotely. The exploit has been released t...

6.5CVSS0.00319EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 1:16 p.m.12 views

CVE-2026-10254

A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. The attack can be initiated remotely. The exploit has been published and may be used...

6.9CVSS0.00329EPSS
Exploits0References6
HackRead
HackReadadded 2026/06/01 12:54 p.m.14 views

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0...

5.8AI score
Exploits0
Vulnrichment
Vulnrichmentadded 2026/06/01 12:30 p.m.9 views

CVE-2026-10257 itsourcecode Content Management System update_ss_img.php sql injection

A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/updatessimg.php. The manipulation of the argument topicid results in sql injection. The attack can be executed remotely. The exploit has been released t...

6.5CVSS6.5AI score0.00319EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/01 12:30 p.m.27 views

CVE-2026-10257 itsourcecode Content Management System update_ss_img.php sql injection

A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/updatessimg.php. The manipulation of the argument topicid results in sql injection. The attack can be executed remotely. The exploit has been released t...

6.5CVSS0.00319EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/01 11:45 a.m.28 views

CVE-2026-10254 SourceCodester Pet Grooming Management Software admin file information disclosure

A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. The attack can be initiated remotely. The exploit has been published and may be used...

6.9CVSS0.00329EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/01 11:45 a.m.7 views

CVE-2026-10254 SourceCodester Pet Grooming Management Software admin file information disclosure

A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. The attack can be initiated remotely. The exploit has been published and may be used...

6.9CVSS5.5AI score0.00329EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 11:45 a.m.14 views

CVE-2026-10254

The CVE-2026-10254 entry concerns SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function in /admin/ that allows exposure of file and directory information. The flaw enables a remote attack, and multiple sources note that the exploit has been published and may be used...

6.9CVSS5.8AI score0.00329EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/01 11:45 a.m.12 views

EUVD-2026-33633

A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. Affected is an unknown function of the file /admin/. This manipulation causes file and directory information exposure. The attack can be initiated remotely. The exploit has been published and may be used...

6.9CVSS5.8AI score0.00329EPSS
Exploits0References6
Rows per page
Query Builder